From 373b575f5a7b509bbadd67b1d57eef57dd23357a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ulf=20M=C3=B6ller?=
Date: Sun, 16 Jan 2000 15:58:17 +0000
Subject: [PATCH] New function RAND_pseudo_bytes() generated pseudorandom numbers that are not guaranteed to be unpredictable.

---
 CHANGES | 9 +++++----
 apps/speed.c | 4 ++--
 crypto/pkcs7/pk7_mime.c | 2 +-
 crypto/rand/md_rand.c | 19 +++++++++++++++++++
 crypto/rand/rand.h | 2 ++
 crypto/rand/rand_lib.c | 6 ++++++
 crypto/rand/randtest.c | 2 +-
 e_os.h | 2 +-
 8 files changed, 37 insertions(+), 9 deletions(-)

diff --git a/CHANGES b/CHANGES
index 326b5cf7a..70dd5101b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -7,11 +7,12 @@
 *) Precautions against using the PRNG uninitialized: RAND_bytes() now has a return value which indicates the quality of the random data (1 = ok, 0 = not seeded). Also an error is recorded on the thread's
- error queue.
+ error queue. New function RAND_pseudo_bytes() generates output that is
+ guaranteed to be unique but not unpredictable.
 (TO DO: always check the result of RAND_bytes when it is used in the
- library, because leaving the error in the error queue but reporting
- success in a function that uses RAND_bytes could confuse things
- considerably.)
+ library, or use RAND_pseudo_bytes instead, because leaving the
+ error in the error queue but reporting success in a function that
+ uses RAND_bytes could confuse things considerably.)
 [Ulf Möller]
 
 *) Do more iterations of Rabin-Miller probable prime test (specifically,
diff --git a/apps/speed.c b/apps/speed.c
index b96733346..59caa0db3 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -965,7 +965,7 @@ int MAIN(int argc, char **argv)
 }
 #endif
- RAND_bytes(buf,36);
+ RAND_pseudo_bytes(buf,36);
 #ifndef NO_RSA
 for (j=0; j #include
diff --git a/crypto/rand/rand.h b/crypto/rand/rand.h
index 35a3bb6e1..5ab94a779 100644
--- a/crypto/rand/rand.h
+++ b/crypto/rand/rand.h
@@ -69,6 +69,7 @@ typedef struct rand_meth_st
 int (*bytes)(unsigned char *buf, int num);
 void (*cleanup)(void);
 void (*add)(const void *buf, int num, int entropy);
+ int (*pseudorand)(unsigned char *buf, int num);
 } RAND_METHOD;
 
 void RAND_set_rand_method(RAND_METHOD *meth);
@@ -76,6 +77,7 @@ RAND_METHOD *RAND_get_rand_method(void );
 RAND_METHOD *RAND_SSLeay(void);
 void RAND_cleanup(void );
 int RAND_bytes(unsigned char *buf,int num);
+int RAND_pseudo_bytes(unsigned char *buf,int num);
 void RAND_seed(const void *buf,int num);
 void RAND_add(const void *buf,int num,int entropy);
 int RAND_load_file(const char *file,long max_bytes);
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index 3cdba48ba..9a0b80429 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -102,3 +102,9 @@ int RAND_bytes(unsigned char *buf, int num)
 return(-1);
 }
 
+int RAND_pseudo_bytes(unsigned char *buf, int num)
+ {
+ if (rand_meth != NULL)
+ return rand_meth->pseudorand(buf,num);
+ return(-1);
+ }
diff --git a/crypto/rand/randtest.c b/crypto/rand/randtest.c
index f0706d779..da96e3f69 100644
--- a/crypto/rand/randtest.c
+++ b/crypto/rand/randtest.c
@@ -73,7 +73,7 @@ int main()
 /*double d; */
 long d;
 
- RAND_bytes(buf,2500);
+ RAND_pseudo_bytes(buf,2500);
 
 n1=0;
 for (i=0; i<16; i++) n2[i]=0;
diff --git a/e_os.h b/e_os.h
index fa2a11776..f0b381a54 100644
--- a/e_os.h
+++ b/e_os.h
@@ -79,7 +79,7 @@ extern "C" {
 #ifndef DEVRANDOM
 /* set this to your 'random' device if you have one.
 * My default, we will try to read this file */
-#define DEVRANDOM "/dev/urandom"
+#define DEVRANDOM "/gibtsnich/dev/urandom"
 #endif
 
 #if defined(__MWERKS__) && defined(macintosh)
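Review bot: The new `pseudorand` member is added to RAND_METHOD without a comment saying how its contract differs from `bytes`, and because it is appended to the struct, any RAND_METHOD defined outside this library with a positional initializer of the five existing members will leave it zero. Add a comment on the member in this hunk such as `/* like bytes(), but the output is only guaranteed to be unique, not unpredictable; a method may leave this NULL */`, and put the same caveat on the `RAND_pseudo_bytes` prototype in the next hunk, stating that its output must not be used where unpredictability is required (keys, IVs for CBC, nonces that must stay secret) and what its return value means. Without that, a reader of rand.h has no way to tell the two functions apart except by name.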
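Review bot: RAND_pseudo_bytes calls `rand_meth->pseudorand` without checking that the function pointer is set, so a RAND_METHOD compiled against the previous struct layout, or one initialised positionally without the new member, calls through a null pointer instead of reporting failure. Extend the existing guard to the member, `if (rand_meth != NULL && rand_meth->pseudorand != NULL)`, so the -1 path covers a method that does not provide the pseudo-random entry point. That -1 convention matches RAND_bytes immediately above but is not documented in rand.h, so callers cannot tell that a negative result means "no generator at all" rather than "unseeded".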
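Review bot: The return value of `RAND_pseudo_bytes(buf,2500)` is discarded, so when no RAND_METHOD is installed (the -1 case added in rand_lib.c) the statistical tests below run on an uninitialised `buf` and print results for garbage instead of failing. Check it, e.g. `if (RAND_pseudo_bytes(buf,2500) < 0) return(1);` with a message on stderr, so the test program reports a missing generator rather than a spurious pass or fail. The same unchecked call is made in the speed.c hunk, which is truncated in this copy of the patch.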
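Review bot: The new default `#define DEVRANDOM "/gibtsnich/dev/urandom"` points at a path that does not exist on any platform ("gibts nich" is German for "doesn't exist"), so this looks like a local change made to exercise the unseeded-PRNG handling that was committed along with the RAND_pseudo_bytes work. With it in place a default build can no longer seed from the kernel device, RAND_bytes() reports 0 (not seeded, per the CHANGES entry in this commit), and every caller that ignores that return, as the speed.c and randtest.c hunks here do, proceeds on weak output. Restore `#define DEVRANDOM "/dev/urandom"`; the `#ifndef DEVRANDOM` guard already lets a test build override the device without changing the default.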